[Pkg-shadow-commits] r2122 - debian/branches/lenny/debian
nekral-guest at alioth.debian.org
nekral-guest at alioth.debian.org
Thu Jun 12 22:11:48 UTC 2008
Author: nekral-guest
Date: 2008-06-12 22:11:47 +0000 (Thu, 12 Jun 2008)
New Revision: 2122
Modified:
debian/branches/lenny/debian/login.defs
Log:
* Added description of new variables in /etc/login.defs:
- SYS_UID_MIN, SYS_UID_MAX, SYS_GID_MIN, SYS_GID_MAX
- ENCRYPT_METHOD
- SHA_CRYPT_MIN_ROUNDS, SHA_CRYPT_MAX_ROUNDS
Modified: debian/branches/lenny/debian/login.defs
===================================================================
--- debian/branches/lenny/debian/login.defs 2008-06-12 22:10:15 UTC (rev 2121)
+++ debian/branches/lenny/debian/login.defs 2008-06-12 22:11:47 UTC (rev 2122)
@@ -176,12 +176,18 @@
#
UID_MIN 1000
UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
#
# Min/max values for automatic gid selection in groupadd
#
GID_MIN 100
GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
#
# Max number of login retries if password is bad. This will most likely be
@@ -266,8 +272,38 @@
#
# This variable is used by chpasswd, gpasswd and newusers.
#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
#MD5_CRYPT_ENAB no
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
################# OBSOLETED BY PAM ##############
# #
# These options are now handled by PAM. Please #
More information about the Pkg-shadow-commits
mailing list